Express 580 0/ FVSOOa 口 Express580(y FVKOOb □□□□□□ Check Poi nt CD _ □ □ N3 FP3 □ □ □ 

□ ISGwth/^pMcation IrtelligenceD □□□□□□□□□□□□□□□□□□□□□□□□□□□ 

□ □ □ □ 

□ □□□□□□ FireWil I-!□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□ 

□□□□□□□□□□□□□□□□ 


□□□□□□□□□□□□□ 

□□□□□□ 

□ □ □□□□□□□□□□□ 

Fi revttii-in nnnnnnnnnn («i) 


□ □ □□□□□□□□□□□□□□□□□ 

Qjnnnnnnnnnnnnn ( 《 2 ) 


□ □□□□□□ 

□□□□□□□□ 

nnnnnnnnnn (ssrn n ) (« 3) 
nnnnnnnnnn (※屮 


□ □ □□□□□□□□□ 

□□□□□□ 

Fi reWil !-!□□□□□□□□□□□□ 

Firewii i-innnnnnnnnnnnnnnnnn (※ョ 


Fi reval !□□□□□□□□□ 

Fi revtti i-]n nnnnnnnnnn (※⑸ 






















Configuring Licenses... 


Host Expiration Features 

Note : The recommended way of managing licenses is using SmartUpdate. 
cpconfig can be used to manage local licenses only on this machine. 

Do you want to add licenses (y/n) [n] ? y . 

Do you want to add licenses [M]anually or [F]etch from file : m .. 

IP Address : 202.247.5.126 
Expiration Date : 

Signature Key : 

SKU/Features : 

License was added successfully 
License will be put into kernel after cpstart 

Configuring Administrators... 


No VPN-1 & FireWall-1 Administrators are currently 
defined for this SmartCenter Server. 

Do you want to add administrators (y/n) [y] ? y . 

Administrator name : fws-admin 
Password: 

Verify Password : 

Permissions for all products (Read/[W]rite All, [R]ead Only All, 
[C]ustomized) w 

Permission to Manage Administrators ([Y]es, [N]o) y 

Administrator fws-admin was added successfully and has 
Read/Write Permission for all products with Permission to Manage 
Administrators 

Add another one (y/n) [n] ? n . 

















Configuring GUI Clients... 


GUI Clients are trusted hosts from which 

Administrators are allowed to log on to this SmartCenter Server 
using Windows/X-Motif GUI. 


No GUI Clients defined 

Do you want to add a GUI Client (y/n) [y] ? y. 


You can add GUI Clients using any of the following formats : 
1.IP address. 

Machine name. 

"Any" - Any IP without restriction. 

A range of addresses, for example 1•2•3•4 - 丄 •2•3•40 
Wild cards 一 for example 1.2.3.* or *.checkpoint.com 


Please enter the list of hosts that will be GUI Clients. 

Enter GUI Client one per line, terminating with CTRL-D or your EOF 
character. 

192.168 .1.99 . 

Is this correct (y/n) [y] ? y . 

Configuring Random Pool... 

You are now asked to perform a short random keystroke session. 

The random data collected in this session will be used in 
various cryptographic operations. 


Please enter random text containing at least six different 
characters. You will see the '*' symbol after keystrokes that 
are too fast or too similar to preceding keystrokes. These 
keystrokes will be ignored. 


Please keep typing until you hear the beep and the bar is full. 

[ . ]. 

Thank you. 


① 


① ^ □□□□□□□□□□□□□□□□□□□□□□□□□□□□ 

② □□□□□□□□□□□□□□□□□□□□□□□□□□ip □□□□□□□□□口 

□ □□!?□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□ <Qrl ><£>□□ 

□□□□□□□□□ 

® □□□□□□□□□□□□□□□□□□□□□□ 














Configuring Certificate Authority... 


The Internal CA will now be initialized 
with the following name : fws.nec.co.jp 

Initializing the Internal CA...(may take several minutes) 

Internal Certificate Authority created successfully 
Certiricate was created successfully 
Certificate Authority initialization ended successfully 

Check Point product Trial Period will expire in 15 days. 

Until then, you will be able to use the complete Check Point Product 
Suite. 

Trying to contact Certificate Authority. It might take a while... 
fws.nec.co.jp was successfully set to the Internal CA 

Done 


Configuring Certificate’s Fingerprint... 


The following text is the fingerprint of this SmartCenter Server : 
ADD OX GAWK MUM LONG RISK CARD FERN LILY KEY JOKE FLOC 


Do you want to save it to a file? (y/n) [n] ? n . 

generating INSPECT code for GUI Clients 
initial_management : 

Compiled OK. 

Hardening OS Security : Initial policy will be applied 
until the rirst policy is installed 


① 


In order to complete the installation 
you must reboot the machine. 

Do you want to reboot? (y/n) [y] ? y . 


② 


□□□□□□□□ 

□ □□□□□□□□□□□□□□□□□□ 

© □□□□□□□□□□ 

□ □□□□□ Fi reWiI I-10 □□□□□□□□□□□□□□□□□□ SShQ W)_ □□□□□□□□□ 

□ □ □ 










_□□□□□□□□□□□□ ( 2 ) 

□ □□□□□□□□ Snart C6shboarct] □□□□□□□□□□□□□□口 Snart CBshboarcC □□□□□□口 

□ □□□□□□□□□□□ Snart Vi ewTrackerD □□□□□□□□□□□□□□間 SnartVl ewStatusD 

□□□□□□□□□□a 

1. □□□□□□□CD ROME □ □ □ □ Check Poi nt INfext Generatioit] CD FOffl □□□□□□ 

□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□ 

□□□□□□□□□□□□□□□□□□□□¥wrappers¥wi ndows□□□□□□□ 

□ den®32. exeQ □□□□□□□□□□ 

Wl conaQ □□□□□□□□□ 

2. □ INbxtD □□□□□□□□ 

□□□□□□□□□□□□□DO 

3. □□□□□□□□□□□□□□□□ YesD □□□□□□□□ 

□ □□□□□□□□_ □□□□□□□□□□□□口 

□ I nstal I ati on qii ons 口 □□□□□□□□口 

4. □ rsfewl nstal I ati onQ □ □ □ □ □ □ NfextQ □□□□□□□□ 

Product n □□□□□□□□□□□ 
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5. |Vfenagen®nt Cbnsol eO [ Snart Cbnsol e][] □□□□□□□□ [INfext ] 口 □□□□□□口 



siadouolm 一 laSUI 



















6. □□□□□□□□ Product sQ □□□□□□□□□ [SnartGansol e ] □□□□□□□□□□□□口 
□ □ 陶]口 □□□□□□□ 

Choose test i nat i on Locati onQ □□□□□□□□□ 

7. □□□□□□□□□□□□□□□ [關口 □□□□□□□ 

□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□ 

8. [SrartC&shboard ] 口 [SnartM ewTracker]Q □ □ [SnartVi ewStatusJD □□□□□□ 口 

□□□□□□□ 

□□□□□□□□□□□□□□ 



9- □□□□□□□□□□□□□□□□□□□□□□□□□□ 

□ □□□□□□□]□□] □□□□□□間 

10. SetupD □□□□□□□□□□□□□□□□□_ □□□□□□間 

11.I nf or rati onQ □□□□□□□□□□□□□□□<□□□□□□□□□ 

12. SnartC&shboarcD □ □ □ Dcpconfig □□□□□□□□□□□□□□□□□□□ Fi revel !□□□(□ 

□ □□□□□□□ )□□□□□□□□□□□ 

SnartCtehboarcO □ □ □ □ Fi rev®l !□□□□□□□□□□□□□□□□□□□□□□□□□□□ 

□□□□□□□□□□□□□□□□□□ 

SnartCBshboarcO □□□□□□□□□□□□□□□□□□□□□□□ Fi reWiI 丨 - 1 〇 □□□□□口 

□□□□□□□□□□□□ 




































□ □□□□□□□□□ ( SSK ] □) ⑷） 

□ □□□□□□□□□ SShB □□□□□□□□□□□□□□□□□□□□□□ CFFDDD 

□ □SShQ □□□□□□□□□□□□□□□□_□□□□□□□□□(□□□□□□□ 

□ □)□□□□□□□□□□□□□□□□□□□□ Firev®llDDDLOISODDDDDDDDD 

Fi revel !□□□□□□□□□□ 

• ■□□□□□□□□□□ 

• _ □ □ □ 

□□□□□□□□□□□□□□□ 

□□□□□□□□□□□□□□□□□□□□□□ 

• □□□□□□ CDRCM 

奉 Check Poi rt INbxt Generati on( N3 wth Appl i cati on I ntel I i gence) 

• □□□□□□□□□□□□ 

• □□□□□□□□□□□□ 

• □□□□□□□□□□(□□) 



□ □□□□□□□□ (-^ 4 ) 

1 . □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□間 
□>_□□□□□□□□□□(]>_ □□□□□口 

□ □□□□□□□□ CD ROME □□□□□□□□□□□□□□□ 

□ □□□□□□□10Q □□□□□□□ 

□ 明 □□□□□□□□□□□□>_ □□□□□□口 
□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□ 

2_ □□□□□□ CD ROME □□□□□□□□□□□□□□□□□□□□□□ PCVEPO □□□□□□□□□ 

□ CFFQ □ □ □ 

3. □□□□□□□□□□□□□□□□□ PCVEPQ □□□□□□□□□□CISODDD 
□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□ 

□ □ 


4. □□□□□□□□□□□□□□□□□□□□□□□□□ SSH] [□□□□□□□□□□： DPasswrctl] 

□□□□□□□□□□a 

5. ■□□□□□□□□□□□□□□□□□□□□> 

□□□□□□□□□□□□□□□□□a 

□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□a 



$□□□□□□□□□□□□□□□□> 

□ □□□ 2 . □□□□□□□□□□□□ - □□□□□□□□□□□□□□□□□□□□□□□□□□ 
□□□□□□□□□ 




□ □ □ □ CD ROMO □□□口 Check Poi nt l\bxt (fenerati orQ N3 wth Appl i cati on I ntel I i genceQ □ 
CD ROMO □ □ □ □ □ FireWill-lD □□□□□□□□□□□□□□□□口 

# mount /dev/cdrom 

# cd /mnt / cdrom/1inux/ 

# rpm -i ./CPshared - 50/CPshrd-50-04.i386•rpm 

# rpm -i ./CPFirewalll-50/CPfwl-50-04. ±386 .rpm 

# cd / 

# umount /dev/cdrom 



^romd □□□□□□□□□□□ 



8. cpconfigQ □ □ □ □ Fi reWiI I -IQ □□□□□口 

cpconfigQ □□□□□□□□2. □□□□□□□□□□□□ - □ Fi reWiI I-IQ □□□□□□□□□□ □ 

□□□□□□□□DO 



9. □□□□□□□□□□□ 

<□□□□□□□□□□□□□□□□□□□□□□□□□□> 

□ □□□□□□□□□□□Fi reWI !-!□□□□□□□ 



Fi reWM-l[| □ □□□ □□□□□□□□□□□□□□□□□□□□□□□□□□ 


<£nter5Q □□□□□□□□□□□□□□□□□□□□□□ 


■ □□□□□□□□□□□□□□□> 

SnartC6shboarcCl □□□□□□□□□□□□□□ 


10. SnartCBshboarcD □□□□□□□□□□□□□□ 

□ □□ □ 

CD FOffl □□ロロ Check Poi nt ISbxt Gfenerati onQ N3 with /^ipl i cati on I ntel I i genceQ □ CDBCM 
□ □□□□□□□□□□ Fi revel (□□□□□□□□□□□□□□□□□□□0 











FireWill-lO □□□□□□□□□□□□□□□□ □ («5) 

□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□a 

□ □□□□□□□□□□□□ - QFi re_ -10 

□□□□□□□□□□□□□□□□□□□□□ 


# cpconfig 

Welcome to Check Point Configuration Program 


Please read the following license agreement. 

Hit ' ENTER' to continue . . . .. ® 


Do you accept all the terms of this license agreement (y/n) ? y . d) 

Select installation type : 


(1) Stand Alone - install VPN-1 / FireWall-1 Internet Gateway. 

(2) Distributed - select components of the Enterprise Product. 

Enter your selection (1-2/a-abort)[1]: 2 . (D 

Select installation type : 


{ 1)Enforcement Module. 

(2) Enterprise SmartCenter. 

(3) Enterprise SmartCenter and Enforcement Module. 

(4) Enterprise Log Server. 

(5) Enforcement Module and Enterprise Log Server. 

Enter your selection (1-5/a-abort)[1]: 2 . ④ 


① Fi reWI 丨 - !□□□□□□□□□□□□□□□□□□□□□□ 

② □□□□□□□□□□□□々>□□□□□□ 

③ □□□□□□□□□□□□□□□□□□□ 

□ □□□□□□□□□ 2D □□□□□□□□□□□□□□□ 
④ □□□□□□□□□□□□□□□□□□□ 















/ \ 

Please select SmartCenter type : 


(1) Enterprise Primary SmartCenter. 

(2) Enterprise Secondary SmartCenter. 

Enter your selection (丄一 2/a 一 abort)[1]:1 . 

This program will guide you through several steps where you 
will define your SVN Foundation configuration. 

At any later time, you can reconfigure these parameters by 
running cpconfig 

<□ > 

女 ************ Installation completed successfully ************* 

Do you wish to start the installed product(s) now? (y/n) [y] ? y . 

cpstart : Power-Up self tests passed successfully 

<□ > 

FireWall-1 : This is a Management Station. No security policy will be loaded 
FireWall-1 started 

# shutdown -r now . 

\_y 


① 


② 


③ 


© □□□□□□□□□□□□□□□□□□□□□□□□□ 

□ !□□□□□□ Pri nar 如 □□□□□□□□ 

⑧ □□□□□□□□□□□□□□ 

® □□□□□□ 








Enforcement Module. 

Enterprise SmartCenter. 

Enterprise SmartCenter and Enforcement Module. 
Enterprise Log Server. 

Enforcement Module and Enterprise Log Server. 


Enter your selection (1-5/a-abort) [1]: 1 


Select installation type : 


(1) Stand Alone - install VPN-1 / FireWall-1 Internet Gateway. 

(2) Distributed - select components of the Enterprise Product. 

Enter your selection (1-2/a-abort)[1]: 2 . 


Select installation type : 


Do you accept all the terms of this license agreement (y/n) ? y 


Please read the following license agreement. 
Hit 'ENTER' to continue... . 




® Fi reWI l-IQ □□□□□□□□□□□□□□□□□□□□口 

② □□□□□□□□□□□□々>□□□□□□ 

③ □□□□□□□□□□□□□□□□□□□ 

□ □□□□□□□□□ 2D □□□□□□□□□□□□□□□ 
④ □□□□□□□□□□□□□□□□□□□ 


# cpconfig 


Welcome to Check Point Configuration Program 


FireWill-10 □□□□□□□□□□ (※ ら） 

□ □□□□□□□□□□□□□□□□□□□□□3 □□□□□□□□□□□□□□□□□□口 

□ □□□□□□□□□□3DDD2. □□□□□□□□□□□□ - □ FireWI I -]〇 □□□□□□ D 

□□□□□□□□□□□□□□ 













Is this a Dynamically Assigned IP Address Module installation ? (y/n) [n] ?. 

Would you like to install a Check Point clustering product (CPHA, CPLS or State 

Synchronization)? (y/n) [n] ? y. 

Would you like to enable SecureXL acceleration feature? (y/n) [y] ? n. 

IP forwarding disabled 

Hardening OS Security : IP forwarding will be disabled during boot. 

Generating default niter 
Default Filter installed 

Hardening OS Security : Default Filter will be applied during boot. 

This program will guide you through several steps where you 
will define your VPN-1 & FireWall-1 configuration. 

At any later time, you can reconfigure these parameters by 
running cpconfig 

<□ > 


③ D/naniical \y fiss\ gned I P Address N)dul eQDDDDDDDDDDDDDDDDDDDD <Enter?fl 

□□□□□□□ 

④ Check Poi nt cl usteri ng product □ □□□□□□□□□□□□□□□□□□□□ □ □ □ □ □ 

⑤ SecureXU ： □□□□□□□□□□□□□ 

SecureXU ： □□□□□□□ 糊 □□□□□□ 


( 口） 

Configuring Secure Internal Communication 


The Secure Internal Communication is used for authentication between 
Check Point components 

Trust State : Uninitialized — 

Enter Activation Key : .(D 

Again Activation Key : 

The Secure Internal Communication was successfully initialized 

initial_module : 

Compiled OK. 

Hardening OS Security : Initial policy will be applied 
until the first policy is installed 

In order to complete the installation 
you must reboot the machine. 

Do you want to reboot? (y/n) [y] ? y. ② 


0 


)Fi reWI I -ID □ □ □ □ □ Fi revel !□□□□□□□□□□□□□□□□□□□□□□□□□ 

^ □□□□□□□□□□□ 














